MAIN-
Deckard's System Scanner v20070905.67
Run by Patrik on 2007-09-08 21:15:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; unknown error code 0x00000001
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 511 MiB (512 MiB recommended).
-- HijackThis (run as Patrik.exe) ----------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-09-08 21:16:36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\opt\MBCASE\pm\bin\mcp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\opt\MBCASE\WIS\tbcd\tbmux32.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\cmserver.exe
C:\WINDOWS\system32\cmd.exe
C:\opt\MBCASE\pm\bin\lic_srv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\Program Files\Grisoft\AVG Free\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Ericsson\Mobile\Connectivity Pack\ConnMngMntBox.exe
C:\Program Files\Intuwave Ltd\Shared\mRouterRunTime\mRouterRuntime.exe
C:\WINDOWS\system32\calc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\winlogon.exe
C:\Dev-C++\DevCpp.exe
C:\Documents and Settings\Patrik\Desktop\Anim8or.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Patrik\Local Settings\Temporary Internet Files\Content.IE5\45J9W8WT\dss[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=488
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Knight Online Toolbar Helper - {9D006D63-579B-4D77-9C12-15623661ADDA} - C:\Program Files\Knight Online Toolbar\v3.2.0.0\Knight_Online_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Knight Online Toolbar - {E7D38ED4-2933-43B8-B0B9-52D11CE9CA10} - C:\Program Files\Knight Online Toolbar\v3.2.0.0\Knight_Online_Toolbar.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKEY_LOCAL_MACHINE\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKEY_LOCAL_MACHINE\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKEY_LOCAL_MACHINE\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKEY_LOCAL_MACHINE\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKEY_LOCAL_MACHINE\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKEY_LOCAL_MACHINE\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKEY_LOCAL_MACHINE\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [ThrustTSR] "C:\Program Files\Thrustmaster\Thrustmapper\TMTMTSR.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US
ee://aol/imApp
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
https://online.musicmatch.com (HKEY_LOCAL_MACHINE)
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) -
http://h50203.www5.hp.com/HPISWeb/Custo ... anager.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://download.microsoft.com/download/ ... ontrol.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) -
http://mypoints.worldwinner.com/games/v ... Loader.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
http://fpdownload.macromedia.com/get/sh ... tor/sw.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () -
http://download.microsoft.com/download/ ... mv9VCM.CAB
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) -
http://www.worldwinner.com/games/v50/pool/pool.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) -
http://www.worldwinner.com/games/v46/be ... eweled.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) -
http://www.worldwinner.com/games/v49/bl ... ckwerx.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) -
http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 5887514531
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -
http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} (Cubis Control) -
http://www.worldwinner.com/games/v57/cubis/cubis.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) -
http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) -
http://www.worldwinner.com/games/v67/swapit/swapit.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) -
http://www.worldwinner.com/games/v41/ha ... angman.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) -
http://cdn1.acclaimdownloads.com/solidstateion.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) -
http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shoc ... wflash.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) -
http://www.worldwinner.com/games/v47/ww ... spades.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: konfig - Unknown owner - c:\opt\MBCASE\pm\bin\mcp
O23 - Service: license - Unknown owner - c:\opt\MBCASE\pm\bin\mcp
O23 - Service: mcp - Unknown owner - c:\opt\MBCASE\pm\bin\mcp
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TransBaseService - TransAction Software, D 81737 Munich - C:\opt\MBCASE\WIS\tbcd\tbmux32.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 CdaD10BA - c:\windows\system32\drivers\cdad10ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S2 pciinfo (HP Pci Information) - c:\docume~1\peterc~1.pet\locals~1\temp\hpispz\hpdom\pciinfo.sys (file missing)
S3 BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver) - c:\windows\system32\drivers\bvrpmpr5.sys <Not Verified; BVRP Software; BVRPNDIS Rawether for Windows>
S3 RimUsb (RIM Handheld) - c:\windows\system32\drivers\rimusb.sys (file missing)
S3 SNPSTD3 (USB PC Camera (SNPSTD3)) - c:\windows\system32\drivers\snpstd3.sys <Not Verified; ; PC Camera driver>
S3 XDva020 - c:\windows\system32\xdva020.sys (file missing)
S3 XDva025 - c:\windows\system32\xdva025.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 mcp - c:\opt\mbcase\pm\bin\mcp (file missing)
R2 TransBaseService - c:\opt\mbcase\wis\tbcd\tbmux32.exe <Not Verified; TransAction Software, D 81737 Munich; TransBase/CD DataBase System>
R3 konfig - c:\opt\mbcase\pm\bin\mcp (file missing)
R3 license - c:\opt\mbcase\pm\bin\mcp (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-31 15:15:27 488 --a------ C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job
-- Files created between 2007-08-08 and 2007-09-08 -----------------------------
2007-09-07 20:22:55 0 dr-h----- C:\Documents and Settings\Patrik\Recent
2007-09-06 20:42:18 394240 --a------ C:\WINDOWS\system32\Smab.dll
2007-09-06 20:42:17 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2007-09-06 20:42:16 70656 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified;
http://www.helixcommunity.org; Helix YV12 YUV Codec>
2007-09-06 20:42:16 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-09-06 20:42:16 318976 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2007-09-06 20:42:16 66560 --a------ C:\WINDOWS\MOTA113.exe
2007-09-06 20:42:15 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified;
http://www.helixcommunity.org; Helix I420 YUV Codec>
2007-09-06 20:42:14 217073 --a------ C:\WINDOWS\meta4.exe
2007-09-06 20:42:13 0 d-------- C:\Program Files\AviSynth 2.5
2007-09-06 20:41:41 31232 -r-hs---- C:\WINDOWS\system32\msfDX.dll <Not Verified; Hans Mayerl; msfDX.dll>
2007-09-06 20:41:41 163328 -r-hs---- C:\WINDOWS\system32\flvDX.dll <Not Verified; Gabest; FLV Splitter>
2007-09-06 20:41:35 0 d-------- C:\Program Files\eRightSoft
2007-09-05 16:55:27 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-09-03 14:21:26 0 d-------- C:\Documents and Settings\Patrik\Application Data\Help
2007-09-03 14:15:37 0 d-------- C:\Dev-C++
2007-09-03 14:12:54 0 d-------- C:\Documents and Settings\Patrik\WINDOWS
2007-09-03 14:04:58 0 d-------- C:\Documents and Settings\Patrik\Application Data\WinRAR
2007-09-03 14:00:11 0 d-------- C:\Downloads
2007-09-03 14:00:11 0 d-------- C:\Documents and Settings\Patrik\Application Data\GetRightToGo
2007-09-03 11:30:07 0 d-------- C:\Documents and Settings\Patrik\.limewire
2007-09-03 10:46:04 0 d-------- C:\Documents and Settings\Patrik\Application Data\Sun
2007-08-31 15:05:14 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-08-29 17:22:31 0 d-------- C:\Program Files\Paint.NET
2007-08-28 16:43:23 0 d-------- C:\WINDOWS\system32\SolidStateNetworks
2007-08-28 14:54:55 166 --a------ C:\install.dat
2007-08-28 14:33:59 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-08-28 14:33:54 0 d-------- C:\Program Files\SpywareBot
2007-08-24 21:56:20 0 d-------- C:\Program Files\Blender Foundation
2007-08-20 22:02:47 0 d-------- C:\Program Files\Pixia
2007-08-20 17:05:21 0 d-------- C:\Program Files\Serif
2007-08-20 17:05:20 0 d-------- C:\My Documents
2007-08-19 19:10:34 44544 -----n--- C:\WINDOWS\AWuninstall.exe
2007-08-19 17:42:21 0 d-------- C:\Program Files\Stardock
2007-08-19 17:42:21 0 d-------- C:\Program Files\Common Files\Stardock
2007-08-19 16:28:19 0 d-------- C:\WINDOWS\lhsp
2007-08-19 16:28:00 0 d-------- C:\WINDOWS\speech
2007-08-19 16:17:21 0 d-------- C:\Program Files\Sprite Builder
2007-08-18 12:48:42 0 d-------- C:\Program Files\Reallusion
2007-08-18 12:36:59 0 d-------- C:\Program Files\quick3D Pro
2007-08-17 15:16:15 0 d-------- C:\Program Files\ArtOfIllusion
2007-08-15 21:55:14 0 d-------- C:\Python24
2007-08-15 21:54:32 0 d-------- C:\Program Files\Aqsis
2007-08-15 21:52:01 0 d-------- C:\k3d
2007-08-15 20:51:24 0 d-------- C:\Program Files\DAZ
2007-08-15 20:51:22 0 d-------- C:\Program Files\Common Files\DAZ
2007-08-15 20:17:42 0 d-------- C:\Program Files\e frontier
2007-08-12 11:15:44 0 d-------- C:\Program Files\DivX
2007-08-09 22:19:21 0 d-------- C:\WINDOWS\system32\AGEIA
2007-08-09 22:19:21 0 d-------- C:\Program Files\AGEIA Technologies
2007-08-09 21:59:47 0 d-------- C:\Program Files\Kuma Games
2007-08-09 17:54:57 231241 --a------ C:\WINDOWS\Knight_Online_Toolbar_Uninstaller_9250.exe <Not Verified; K2Network; Knight Online Toolbar>
2007-08-09 09:58:26 0 d-------- C:\Documents and Settings\Patrik\Application Data\Viewpoint
2007-08-08 22:02:02 231241 --a------ C:\WINDOWS\Knight_Online_Toolbar_Uninstaller_765.exe <Not Verified; K2Network; Knight Online Toolbar>
2007-08-08 22:01:42 0 d-------- C:\Program Files\Knight Online Toolbar
2007-08-08 22:01:30 0 d-------- C:\Program Files\Knight Online
-- Find3M Report ---------------------------------------------------------------
2007-09-07 16:32:30 0 d-------- C:\Program Files\iTunes
2007-09-07 16:32:29 0 d-------- C:\Program Files\QuickTime
2007-09-07 16:32:29 0 d-------- C:\Program Files\Microsoft IntelliPoint
2007-09-07 16:31:57 0 d-------- C:\Program Files\AIM6
2007-09-07 16:31:26 0 d-------- C:\Program Files\Google
2007-09-05 16:37:03 0 d-------- C:\Program Files\Viewpoint
2007-09-03 11:35:14 0 d-------- C:\Program Files\LimeWire
2007-08-31 15:27:07 0 d-------- C:\Program Files\Virtual Villagers 2
2007-08-31 15:25:40 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-31 14:51:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-31 14:39:57 0 d-------- C:\Program Files\Sony
2007-08-28 13:59:11 0 d-------- C:\Program Files\Java
2007-08-19 17:42:21 0 d-a------ C:\Program Files\Common Files
2007-08-18 14:50:19 0 d-------- C:\Program Files\Cheat Engine
2007-08-09 10:15:25 0 d-------- C:\Documents and Settings\Patrik\Application Data\Google
2007-07-04 15:53:22 367 --a------ C:\WINDOWS\EReg072.dat
2007-06-22 21:34:00 56832 -----n--- C:\WINDOWS\system32\iyvu9_32.dll
2007-06-22 21:34:00 143872 -----n--- C:\WINDOWS\system32\iacenc.dll <Not Verified; Intel Corporation; Indeo® audio software>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
-- End of Deckard's System Scanner: finished at 2007-09-08 21:18:59 ------------
EXTRA-
Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) XP Processor 3000+
Percentage of Memory in Use: 70%
Physical Memory (total/avail): 510.98 MiB / 148.96 MiB
Pagefile Memory (total/avail): 1247.74 MiB / 500.46 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1950.39 MiB
C: is Fixed (NTFS) - 55.88 GiB total, 17.5 GiB free.
D: is CDROM (CDFS)
\\.\PHYSICALDRIVE0 - HITACHI_DK23FA-60 - 55.89 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 55.88 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: AVG 7.5.485 v7.5.485 (GRISOFT)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"="C:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe:*:Enabled:mRouterRuntime"
"C:\\Program Files\\GameHouse\\Jigsaw\\Jigsaw.exe"="C:\\Program Files\\GameHouse\\Jigsaw\\Jigsaw.exe:*:Enabled:Jigsaw"
"C:\\Program Files\\Yahoo! Games\\Spider-Man 2 Web of Words\\Spider-Man 2 Web of Words.exe"="C:\\Program Files\\Yahoo! Games\\Spider-Man 2 Web of Words\\Spider-Man 2 Web of Words.exe:*:Disabled:Spider-Man 2 Web of Words"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
"C:\\Program Files\\Yahoo! Games\\Bejeweled 2 Deluxe\\WinBej2.exe"="C:\\Program Files\\Yahoo! Games\\Bejeweled 2 Deluxe\\WinBej2.exe:*:Enabled:Bejeweled2"
"C:\\Program Files\\PopCap Games\\BookWorm Deluxe\\BookWorm.exe"="C:\\Program Files\\PopCap Games\\BookWorm Deluxe\\BookWorm.exe:*:Disabled:BookWorm"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Documents and Settings\\peter chovan.PETER-LAPTOP1\\Local Settings\\Temp\\gm_ttt_90042\\pong3.exe"="C:\\Documents and Settings\\peter chovan.PETER-LAPTOP1\\Local Settings\\Temp\\gm_ttt_90042\\pong3.exe:*:Enabled:pong3"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Documents and Settings\\peter chovan.PETER-LAPTOP1\\Local Settings\\Temp\\gm_ttt_30245\\pong3.exe"="C:\\Documents and Settings\\peter chovan.PETER-LAPTOP1\\Local Settings\\Temp\\gm_ttt_30245\\pong3.exe:*:Enabled:pong3"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Kuma Games\\KumaClient.exe"="C:\\Program Files\\Kuma Games\\KumaClient.exe:*:Enabled:KumaClient"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS
APPDATA=C:\Documents and Settings\Patrik\Application Data
AQSISHOME=C:\Program Files\Aqsis
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PETER-LAPTOP1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Patrik
LOGONSERVER=\\PETER-LAPTOP1
NLSPATH=c:\opt\MBCASE\pm\NLS;c:\opt\MBCASE\WIS\NLS
NLSPATH_OLD=D:\wis\nls;c:\opt\MBCASE\pm\NLS
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\Program Files\AIM6;C:\Program Files\Aqsis\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 8, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0408
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Patrik\LOCALS~1\Temp
TMP=C:\DOCUME~1\Patrik\LOCALS~1\Temp
USERDOMAIN=PETER-LAPTOP1
USERNAME=Patrik
USERPROFILE=C:\Documents and Settings\Patrik
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI DisableNXShowUI
-- User Profiles ---------------------------------------------------------------
peter chovan.PETER-LAPTOP1
(admin)
Patrik
(admin)
Bryan
(admin)
Guest
(guest)
-- Add/Remove Programs ---------------------------------------------------------
-- Application Event Log -------------------------------------------------------
Event Record #/Type11040 / Error
Event Submitted/Written: 09/07/2007 08:22:07 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application Anim8or.exe, version 0.9.5.0, faulting module unknown, version 0.0.0.0, fault address 0x051256c0.
Processing media-specific event for [Anim8or.exe!ws!]
Event Record #/Type11037 / Error
Event Submitted/Written: 09/07/2007 03:59:33 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type11016 / Error
Event Submitted/Written: 09/06/2007 04:19:21 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type11010 / Error
Event Submitted/Written: 09/05/2007 04:04:15 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Event Record #/Type11005 / Error
Event Submitted/Written: 09/04/2007 08:27:46 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application aim6.exe, version 1.4.9.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type70558 / Warning
Event Submitted/Written: 09/08/2007 09:04:35 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00904B53825B. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type70556 / Warning
Event Submitted/Written: 09/08/2007 09:04:01 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00904B53825B. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type70554 / Error
Event Submitted/Written: 09/08/2007 09:03:57 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type70553 / Error
Event Submitted/Written: 09/08/2007 09:03:57 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Event Record #/Type70552 / Warning
Event Submitted/Written: 09/08/2007 09:03:56 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00904B53825B. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
-- End of Deckard's System Scanner: finished at 2007-09-08 21:18:59 ------------